@Home Responds to the UDP Notice 437
To the USENET Community:
In response to the recent UDP call for @Home Network to be removed from interacting on the USENET, we are submitting an official response with a proposal of short term and long term news spam prevention initiatives. Excite@Home is very committed to participating respectfully on the Internet, and we have taken previous requests for action seriously.
We have found that the primary source of our excessive USENET posting history comes from subscribers who have installed proxy software incorrectly. Unbeknownst to the customer, this mis-configuration has allowed outside access to the @Home news servers, and has resulted in our subscribers becoming spam relays. Because these various IP addresses create holes in our network, spammers have taken advantage of this mis-configuration, and have posted thousands of newsgroup messages through our news machines.
As of today, we are stepping up our involvement and taking more aggressive action by performing frequent network wide scans of our customer base to target proxy servers. Once these customers are identified, we are suspending their news service immediately. Re-enabling will not occur until we are assured that their machines are secure. We feel that this proactive effort will dramatically decrease the amount of extraneous news traffic originating from home.com.
We are committed to promoting better Excite@Home participation on the USENET, and we are in the process of modifying our current news product and news architecture. We are also implementing more user education as a parallel initiative.
With these new tactics in place, we are asking for an extension to our USENET access beyond the 18th of January and we are confident that the USENET community will see positive news statistics coming in the next few days.
David Jackson
Manager, Network Policy Management
Excite@Home
davjackson@excitehome.net
Incredulous (Score:2)
Security anyone? (Score:3)
If I worked for @home (Score:3)
"Ladies and gentleman of usenet, we've formulated a respose to your so called death penalty, f*** you."
Then I'd moon them.
(What do you mean I ripped off southpark, they got that idea from me... yeah..)
@Home is more than Excite@Home (Score:3)
What are they smoking? (Score:2)
@home fails to get it (Score:2)
See, I don't think they really understand the problem here. You can try to be "proactive" about this sort of stuff as much as you want, but holes will keep opening up, and USENET will keep getting spammed through the holes, and once the spam is out,... same old problem. Even if you cut off their news access immediately afterwards, which only serves to aggravate the customer, who won't understand why they're being cut off.
But I'm glad to see the PR department has taken its normal approach to things - put as much spin on the problem as possible in a press release, then stall and see if everyone quits looking.
@home: Just lock down your news servers already. There's no reason for them to be hanging out in the open like that...
Proof that UDP works (Score:4)
This is proof that the UDP works. The whole point of the UDP is to get someones attention in a very meaningfull way, and thats exactly what it accomplished here.
This is also proof that USENET can manage itself just fine without any "central authority".
----
Shaw@Home answers as well (Score:5)
--- begin e-mail
We are aware that a UDP has been issued against @Home and it is clearly an @Home issue. @Home is aware of the problem and is working on meeting the requirements to have the UDP lifted so that you will continue to enjoy the use of the news service. Due to the current activity and attention to this issue Shaw does not anticipate that the UDP will go into effect.
--- end e-mail
Am I understanding this right? (Score:2)
Why not just block inbound NNTP connections going to customer systems? If what they want to say is "Our users have no business running their own news servers", then why let them?
This "solution" seems excessively punitive and insufficiently preventative: sure, it'll get the current batch of insecure proxies, but it will not stop the next batch.
"Tools, not rules", people
Re:Wow! Great reaction time (Score:2)
Re:My opinion on all of this (Score:4)
Aw heck. Post this time.
Everyone replying so far has apparantly not gone to the dejanews site mirroring the UDP article:
http://www.deja.com/getdoc.xp?AN=571636137
which itself refers to the UDP FAQ:
http://www.stopspam.org/usenet/faqs/udp.html
which would indeed answer most of the objections raised here. RTFM folks!!
As a comment on the @home response? Blame-shifting. Don't extend. But at least they didn't backdate the response....
/(o\ I'm not a medievalist - I just play one on weekends!
*Proactive*? (Score:2)
Re:My opinion on all of this (Score:2)
-----------
"You can't shake the Devil's hand and say you're only kidding."
Easy access? It doesn't GET much easier! (Score:2)
Usenet is an open forum, not some closed, unattainable clique like you're making it out to be. (The administrative side of it, however. . .)
-A.P.
--
"One World, one Web, one Program" - Microsoft promotional ad
I'm an AtHome user.. I don't believe them... (Score:2)
My email addr is chappel + @ + home.com and I get spam cc'd to c*@home.com. They could block this sort of thing out (and I have asked them to) but their claim it is that it is beyond their control.
clowns!
-B
Re:My opinion on all of this (Score:3)
Re:My opinion on all of this (Score:2)
Each computer connected to USENET collects the news. This just says I'm not going to store news from that address anymore.
-cpd
The call for a UDP (Score:3)
For the humor impaired, please click the link to get the joke.
Burn them at the stake. (Score:2)
Set phasers to maximum stun!
I'm at @Home customer who keeps regular logfiles and a firewall. I can tell you right now @Home does NOT scan anything except forwindows filesharing. Some of the @Home network blocks windowsfilesharing at the router, others scan for it and disable it. But if that's what they meant by "scanning for proxies", that's misleading.
Secondly, @Home has, at the time of this posting, not scanned the subnet *I* am on for anything on port 8000, or 8080. For that matter, I have heard a whole lot of nothing on the scanning front.
Thirdly, I have run nmap scans extensively across the @Home network. Sometimes not in stealth mode either. To date, I have received no e-mail from @Home asking me about this (it's for statistics, not hacking, incase they're reading this). This tells me security is very lax for @Home. I would not be suprised if spammers knew this. It's not hard to find out - ask any @Home customer.
Lastly, @Home customers rarely run proxies. I have scanned port 8000 and 8080 - there are maybe 2 per 1024 block of IPs. I have NEVER seen a scan from a remote site to port 8000 or 8080. So drop the charade about this being from "mis-configured proxies".
Also - @home has a strict AUP *against* security scans. They would be in violation of their own AUP to take action like what this guy has mentioned in the article. I was not able to locate their online AUP, but searching here [mediaone.com] or here [home.com] should reveal it. If nothing else, I will scan it in and post it, as I still have the copy I signed.
Re:To little too late?? (Score:2)
> essentially the same thing they have been doing
> for a while (I had sendmail misconfigured and
> they sent me an e-mail about it a while back)
> but the problem still exists.
Go read the UDP FAQ that I read yesterday (see
yesterdays article for URL). Many companies
have responded to the UDP call by cleaning up
their act and getting the UDP revoked.
ALL that is being asked for is that they take
spam complaints seriously and make an effort
to secure their own network enough to curb the
spam. Just educate their users and help them.
This is really something that effects their
users without them knowing. Their customers are
misconfiguring proxies. This allows spammers to
use their reseources. The network link that these
people are paying for, is being slowed down
by immoral spammers, who want to make a buck
and don't care who gets hurt in the process.
It is their users that cause the problem, however
its not their users fault. They are ignorant. it
is @Homes responsibility to try to educate them
to keep the network secure.
Still missing the point... (Score:3)
From the FAQ (Score:4)
From the UDP FAQ [stopspam.org]:
What about legal issues? Don't you worry about being sued? As UUnet (and others) have found, there is no legal requirement for other sites to carry or post their messages. Cancel messages are advisory in nature, and the sites which accept them have to have the ability to process them enabled in their software for them to be effective (the vast majority of sites have them enabled). UUnet threatened legal action when they were UDP'ed in August of 1997, but both the US Justice Department and the FBI (and presumably their own legal department after they consulted them) stated that there had been no laws broken and that they refused to investigate or act. Because none of their own equipment or networks were attacked, compromised, or even affected, there was no legitimate Denial Of Service (DOS) complaint that could be filed. What was happening, in effect, was an organized boycott of their messages. Nothing more, nothing less - and there is nothing illegal in all that. There would also be a horrendous negative public relations wave from actually instituting any legal action. When UUnet threatened, even more people came out in support of that UDP, contributions to legal funds were offered by a large number of people, lawyers volunteered to defend those participating in the UDP, and many ISPs promised to alias UUnet permanently (and work to get others to do the same) the moment they actually instituted legal action.
As another example, there was a rogue canceler, nicknamed "the Kikecanceller" [because his racially inspired cancel message paths all had "!kikecancel" (along with "!spiccancel," "!wopcancel," and others) in them], who was active for a short while. This rogue canceler nuked over 25,000 articles for no legitimate reason before his account got canceled. James M. Hawkins, the supervising agent at the FBI's Tulsa office, stated: "We don't have a case. I don't think we're going to be getting involved in the matter." The local United States Attorney's office was contacted about the cancellations and they replied that no law had been broken. (see the NY Times article about the "Kikecanceller". Note: this site requires you to enter a user name and password to access it, although it is free. There have been no reported instances of spam being sent to any test address that was used to enter the site, so it appears as if this data is only used by that site and not released to anyone who might utilize it for a spamlist).
Re:Incredulous (Score:3)
The classic WinGate acts like pretty much a socks server, when people are using it as a remote proxy at least.
I indeed run Socks5 on my gateway. And yes, it does bind to the public address. But will it let you proxy through it? No.
Unfortunately, this is still detected as an open proxy.
Re:My opinion on all of this (Score:2)
Is it legal?
Damn right it's legal. You have no "right" to make me carry your news. If I chose not to carry news from your site, there isn't a damn thing you can do to force me to carry it.
What happens if for example I am a researcher and want to send a usenet posting to someone
You don't send usenet postings to someone, you send email to someone. If your research relies upon Usenet, then you should get Usenet access at your research establishment. There are commercial Usenet access companies, and there is Dejanews.
Guess I'm screwed by the "wonderful" community
No, you're screwed by @Home's lax attitude towards open relays and spammers. They've been told numerous times to clean up their act, and refused. Pre-announcing the UDP is a last ditch attempt to get @Home to take us seriously.
Re:My opinion on all of this (Score:2)
As for "extremists" -- these aren't extremists. These are the sysadmins who built the fucking thing. If we're playing baseball with my ball, and you decide that you'd rather use my ball to bean your little sister instead of playing the game, I'm going to take my ball away and not let you play with it.
Re:Security anyone? (Score:2)
%japh = (
'name' => 'Niklas Nordebo', 'mail' => 'niklas@' . 'nordebo.com',
'work' => 'www.sonox.com', 'phone' => '+46-708-405095'
Re:Fine, @home, but... (Score:2)
-----------
"You can't shake the Devil's hand and say you're only kidding."
Re:Fine, @home, but... (Score:2)
'Break the law'? 'DoS attack'? That's not how Usenet propagation works.
The large news feeds pass along messages from other sites as a courtesy. They use their own resources (time, disk space) to do so. If they choose not to pass along messages from another site due to volume of useless postings, poor Net behavior, or whatever, that is their right.
If you had guests over who made a mess in your bathroom, shaved your dog, filled up all your trash cans, started yelling obscenities and advertising slogans whenever someone tried to start a conversation, and left all of your doors and windows unlocked, would you invite them back?
Neither would the news admins participating in UDPs.
--
So who is buying this? (Score:3)
Well, its Creative... I'll give them that.
This really is the best they could come up with on short notice. I mean they can't possibly get their staff to actually enforce usenet spam rules, considering that would require hiring more staff who have a clue what usenet *is*.
Considering how small @home's user base is compaired to someone like AOL, the fact that they are being targeted by the UDP shows just how bad the problem is, their users must be generating tremendous amounts of spam per user to cause such problems.
I for one don't believe this solution of theirs is a real solution at all, and until the numbers show that the problem has gone down dramatically, I say hit them with the UDP as planned. If the numbers between now and then do show that they are having an impact in their efforts, then give them more time. But make them be the first to move, don't give an inch until they do something about it. Its the only way to deal with big corporations that don't actually give a damn about the Net itself or anything except their own bottom line.
Re:Security anyone? (Score:2)
It sounds like you are saying that instead of securing your own server against attack you would prefer your ISP provide a sterile network for you, without your providing additional compensation for that service? Is @home specifically less secure than another ISP? While @home could arguably be the target of more DoS style attacks, I don't see how chosing @home over, say uunet, makes your network any more secure, as far as regular internet service is concerned. The Internet is the Internet, all unfiltered connections are equivilent in their security. @home, from what I understand, does do some basic filtering, please correct me if I am wrong.
Your statement makes a point, however, if you use your ISP to handle some of the essential and regular network services. Personally, I much rather prefer a nice server of my own rather than one at my ISP, especially because I don't trust anyone else with my corporate data, even if I am compensating them for a 'secure' set of servers. One of our local ISPs used the ECPA of 1986 as an excuse to peruse email, and apparently got away with it.
sl
Re:@Home is more than Excite@Home (Score:3)
Sounds like Wingate. (Score:2)
What about email? (Score:2)
Wondering...
Ben
Re:My opinion on all of this (Score:2)
Flat out wrong... nobody's forcing @Home to shutodown their servers... A more correct analogy would be automatically burning anything in your snail mailbox that has a bulk postage rate stamped on it. Sure, some of that mail may be interesting but the large majority of it is useless junk that you don't care about coming from someone trying to scam you. Are you saying that it's "quasi-legal" at best for me to burn my mail? Are you now dictating what I can and can't do with the mail in my mailbox? The USPTO still delivers the snail mail spam just like the usenet backbone will still offer usenet spam... the UDP is simply a bunch of citizens collectively burning their junkmail.
Did I miss something? (Score:2)
@Home == Netcom! (Score:2)
I don't like the fact that these companies are so irresponsible that we have to take a big stick to 'em, but ultimately it will prove successful. I vaguely remember that it's easier to reinstate a UDP once it's been applied once, so any number of half-measures on @Home's part will fail. Responsible behaviour is the only way out of this.
Re:Proof that UDP works - AGREED!! (Score:3)
Re:Incredulous (Score:4)
I'd like to have cable access, but not a crippled Windows box with all its problems.
Re:Proof that UDP works (Score:3)
Re:Proof that UDP works (Score:2)
@Home will prob ban static IPs. Thanks guys! Not. (Score:2)
Yes Cox@Home still offers static IP addresses to subscribers in a few markets such as Las Vegas.
There IS a danger to the UDP (Score:4)
This is largely true. The UDP is a demonstration of successful self-coordination and democratic mob action. Individual admins opt-in to the UDP, or they opt-out, with only their own consciences as judge.
However, traditionally, governmental oversight has never been necessary in cases like this one, where an entity is punished for harming others. As the Libertarians correctly point out, community action will generally take care of such rogues. But government has been necessary in cases where a universally unpopular, but legal, viewpoint is expressed by an ostracized group.
Consider a group basically everyone despises: white supremacists. If an ISP were to rise up, comprised entirely of Aryan Nation skinheads, and if their thousands of clients were to post every day their noxious personal opinions all over the web, there is a smal but real possibility that some news admins would call for a UDP against the service. There is also the possibility that this UDP would go into effect, although no actual crime or harm had been committed, and the silenced participants were exercising their constitutional rights to free speech.
In cases like the hypothetical one above, civil rights legislation has a real and legitimate role to play. In the UDP FAQ, it is mentioned that only a government can legally perform censorship. However, Libertarians can't have it both ways - either they can accept civil liberties checks and regulations from the Feds, or they must assume the responsibility of allowing Usenet to become a government unto itself. At that point, the distinction between censorship and "private choice" becomes indistinct.
I'm not against the UDP or weak government, but I'm not against centralized civil rights standards either - that is the notion behind the constitution of the United States after all.
-konstant
Yes! We are all individuals! I'm not!
Nonsense, @Home (Score:5)
There are several reasons why. #1: Consider that the volumes of spam we're talking about - probably gigabytes upon gigabytes - would easily paralyze a cable modem connection, particularly when, for most @Home users, the upload cap is approximately 128Kbps (approx. ISDN speed). For anyone to make use of this exploit would require probably a dozen cracked systems per spammer.
#2 Every one of those systems is already being used by a human being (scratch that - several human beings; we are talking about a proxy here), who are going to complain to @Home, at which point they would have put a stop to the spamming.
#3: A UDP is only proposed after repeated attempts to notify the non-compliant admins of the problem. When @Home was notified, they could have found the addresses that the spam was posted from and discovered this "proxy" problem much earlier. Indeed, proxy problem or not, @Home could have remedied the situation much earlier than they are.
#4: Occam's Razor. Mr. Jackson's explanation is not the simplest one that fits all the facts. The simplest explanation is that @Home users are being allowed to post unadulterated spam and not being punished for it.
Having said that, I'm betting the spam problem goes away before the deadline. This is the usual "we don't have a problem and we're fixing it" notice that goes out after most of the UDP's, and usually, the UDP doesn't have to be enacted because the ISP knows (and simply refuses to admit) that they have a problem - and they fix it to avoid the punishment.
Re:Hypocrites (Score:2)
This argument is rediculous. If you do a DOS attack on a network you are hurting that network by saturating its pipes. A DOS attack is just that, an attack against someone else's network and equipment. A UDP is a refusal to accept messages originating from someone else's network. A UDP applies to the networks refusing to accept messages, not to the network they are originating from. Agreed, the users of the UDP'ed network suffer, but in America, that's why we have the ability to choose which ISP we go with. A good ISP wouldn't get UDP'ed.
A UDP is Wrong (Score:3)
You don't like snail mail from AOL, Microsoft, and a few other American based companies. Therefore you decide to go around to everyone's house and take any mail, coming from any American address, out of their mail boxes and you put all of that mail into a pile. In order to receive the mail, the recipients need to go grab the mail from the pile.
Yes, yes, yes. I know. You don't have any obligation to carry the news yourself. I have read the UDP FAQ, I have been on USENET for many years, I even run a few news servers myself.
If you don't like it, decide to organize an OPT-IN boycott. Setting up cancelbots, etc, is an OPT-OUT boycott. If a news server admin doesn't want to participate in the UDP, they must specifically change their news server config to do so. I'm pretty sure that most news servers are set by default to accept ANY cancel message whatsoever.
Any UDP involving cancelbots is not analogous to a "I don't like 'X' network, so I will not carry their packets" situation, it is more similar to "I don't like 'X' network, so I will spoof their IP and send TCP Resets to any packets coming out of their network. If people don't like the TCP resets, they don't have to accept them." Of course, you know very well that most servers will accept TCP resets appearing to come from the host itself.
That being said, I support a non-invasive OPT-IN UDP (boycott) against @Home, because although some of the @Home affiliates/cable providers do a good job of abuse handling, some do not and @Home itself just plain sucks in handling abuse complaints.
Re:My opinion on all of this (Score:2)
Then subrscribe to a news service -- you seem to be under the impression that having an ISP account gives your rightful access to anything you want. it doesn't. if you want a good quality newsfeed without restrictions and wihtout this kind of idiocy, you have to get a subscription to a REAL news server.
I hardly see how I should be at fault because a sysadmin wanted
to keep his little discussions under his control and not allow anyone by his close friends or others who have a spare T-1 to
use get a newsfeed
that's like complaining becuase the guy down the street won't let you into his party -- it's his party, and he can cry if he wants to. if you want news access from someone's computer that they control and are incharge of, you'll have to work out some sort of a deal with him, whether it's paying for it or getting to be friends with him.
Is there any way to actually do an end run around the news servers and simply create my own private
slow nntp server? Everyone says that hd space is so cheap now adays so why can't I get a standard 56k modem and then
get all the data from some reliable server
Guy, do you have any clue how large and expensive it is to run a news server? This isn't a mailing list, you're talking about a few hundred gigabytes a day of data. if you don't have a t1 line and a lot of servers don't think you can just "hook up" for free. No one gets news feeds for free, they have to pay for them. @Home pays for theirs, and so does every other ISP.
I would love to have digests of my favorite newsgroups mailed to me every let's say day or so. The
news server could just in fact mail me the digest hourly or so if it was too much to do it daily. With all this magical bandwith
I see no reason that someone can't do something to see this through to reality.
What magical bandwidth? We're not talking about a mailing list here -- this is gigabytes and gigabytes of data! If you want someone to send you a digest, then find someone willing to give you that service. if you can't, maybe you SHOULD set up a news server to provide that service. You'll have to pay for news feeds from others (until you're big enough to get a free peering agreement), but you get to resell it to customers.
Re:My opinion on all of this (Score:2)
USENET traffic will be carried at that site. If an administrator decides not to carry certain traffic, he is answerable to his own users; he is not answerable to the originators of the
traffic.
And therein lies the problem with what is actually going on in terms of access. If I want to e-mail someone I can simply type in the address and send it to anyone I want to. If I want to go to a web page I can as well. What I cannot easily do is arbitraly look at a particluar news group on any particlar site. There is not simple means yet in place that will allow me to just type in news://alt.jimmy.slashdot-comments.athome.discuss or something like that and then just find a central archive or a mirror that has *every* posting for an agreed period of time. I do *not* want my admin to be in control of what I see. Do you? Do you really want to have filtered content that isn't just decided by a filter but by say Alan Keys (Republican presidential candiate)? Would it get you a little upset if another server was run by Bill Gates himself and all linux groups were banned? When it hits too close to home then people get a little uncomfortable about it but when it dosn't affect us then it's all ok right? Really what they should have said in the draft for nntp (why did they create it anyway when we can have e-mail?) is that is was a inherently sensored medium and that it would never be totally open? Can you say that about the implimentation of SMTP? No you cannot they are way to do it but the archieture does not support it in the draft 100% like nntp does.
The UDP is a suggestion to individual site administrators, no more.
Just like the school bully who makes it a "suggestion" to give him your lunch money so that he can buy smokes or he'll brain you with a lead pipe.
Re:What are they smoking? (Score:2)
Remember, the cable modem technology works off of a 'network neighborhood' configuration; if all the people within 1000 ft of your home are downloading pr0n at the same time, your pr0n download may come down at about 3k/sec. It's really to ensure quality in the service.
One thing that was mentioned to me by one of the techs for Comcast@Home is that they monitor upstream for abuse; downstream they don't care about.
--
"Hmmm...who can we blame this on..." (Score:2)
Regardless they are still blaming the user when they should be blaming themselves.
Re:Easy access? It doesn't GET much easier! (Score:2)
YES BINGO GIVE THE PERSON A CIGAR
You said it admining is where the bottleneck gets really bad. It dosn't matter that Pope John Paul III himself endorces the medium and that the people on usenet help poor needy people in Bangledish get food and pokemon cards to their doors it's still about a single person trying to play Ebeneezer Scrooge and trying to determine what goes on. Technically it should be like http and have many, many choices to choose from. For example one of the terminals has a version of MSIE 5 on it could someone tell me exactly how (considering a great deal of evil scooges may have disabled it in some way) access news from there. I think that would help out a great deal right from the start.
A slap on the wrist? (Score:2)
I know this is a little on a larger scale, but this is probably the metaphorical equivalent of "don't spank me mommy, I won't do it again!!"
Does this mean that @home should not still be punished? The damage has been done, and has been done for a very long time. Like someone said on NANA.usenet, it took 2-3 years of net abuse by @home to have a UDP put on them. 3 years of spam? And finally action has been taken on it.. only to have it blown off by a press release?
IMO I think @home needs a little time to think about what it did.
Oh, and on another note, aren't these people using residential accounts? Last time I checked, accounts that were spamming were cancelled. Flat out, all across the board. Not "Once these customers are identified, we are suspending their news service immediately."
*sigh*
And still continuing to miss the point... (Score:3)
USENET is not a "public" (ie, government-run) forum. It's a whole bunch of private machines strung together, and when you buy an account with USENET, you buy the right to use one of those private machines to access the content carried from the rest of those machines.
Sometimes one of those private machines will start dumping crap into the channels used by the rest of those private machines. The owners of those other machines will take every possible initiative to try to get the owner of that one crap-spewing machine to cut it out. Finally, strictly as a last resort , they will tell the owner of that machine, "Until you get your act together, you can't join in any of our reindeer games" and thus kick him out of the network.
Yes, this hurts the little people who subscribe through that machine. That's the whole point! Now the owner of that machine will find himself under pressure from within as well as from without--either he fixes the problem, or his users leave him for other services that can provide what they need. And since the UDPers always give a good amount of notice, I would guess that most of the time a UDP is threatened, it never actually becomes necessary because the sheer threat of it is enough to force the offender to clean up his act.
At any rate, as others have noted, participation in a UDP is strictly voluntary; any site can configure itself to ignore cancels from UDPers. In practice, of course, few do, so the threat remains effective.
This is simply an example of USENET's self-regulation mechanisms at work...when someone gets too out of line, he either gets kicked back into line or gets kicked out. It's actually kind of neat, seeing how a system with no one governing body in charge can still regulate itself. Sort of gives you hope for humanity.
from someone who's been there... (Score:2)
May not be an issue (Score:2)
Fortunately, they haven't blocked ports 21, 23, 23 and 80 (to name a few important ones). Not yet anyway. Now, if @Home blocked a port or 2 on their systems, could this be avoided altogether? Some RR folks are really upset that 25 is blocked for us, I'm dealing with it; the service is still better than dial-up. And it does give me some peace of mind that people can't try to abuse my box via sendmail. I'm just wondering if @Home is posturing with this "we're going on a hunt" thing because they don't understand that it may be as simple as flipping a virtual switch on the routers, and KNOW that they don't understand how to run things well.
wrong problem, wrong solution (Score:3)
@Home needs to protect their news servers so that only authenticated customers can post (proxy or not). If there is a spam, they can then identify where it came from and should selectively take action against that customer. Since @Home actually runs cables to their customer's homes, they don't even have the problem that customers cancel and resubscribe under a different identity; unlike other ISPs, they actually can enforce their policies. The UDP against them should continue until they do.
Re:Hypocrites (Score:2)
How about the 911 system that's a call to. What about calling the government for something or maybe the IRS or someone you have a contract with, or perhaps your school or work to tell them that you are ill and cannot go in today? Those are calls too.
But, if we decide to call your # constantly, thus preventing you from using your phone we are causing harm to you.
How exactly does this prevent me from calling out? In my area of the world even if a bunch of people try to call me (not necessarily several million people) I will still be able to answer the phone and still be able to physically pick it up and then do whatever I want like make a call to Enzios pizza for a large sausage pizza with anchovies or something like that (assuming that his line isn't busy trying to call me at the same time).
Preventing you from using your own facilities is entirely different from us deciding to not listen to you on -our- facilities.
That effectively kills the whole point of doing something like networking. To play a networked game with someone you first need a network to connect it with. If I have a car and everyone everywhere won't sell me gas then that kills the function of the car preventing me from using my facilities at all (unless I own a refinery and get my own oil well).
What about a hospital. Suppose I get shot because I disagree with you about usenet accesses and interfaces. I stagger to the hospital is also in on the conspiracy to shun me so I sit (or more exactly lay face down) in the middle of the street and die. You see there are little things like laws that say that if in circumstanced like those that you were obligated to help because you could give care. Just because you don't like the look of the guy because he isn't a member of club usenet dosn't mean you have the right to do anything that prevent equal access. Would you say it would be descrimination to prevent black people from eating in the same places, drinking from the same water fountains, using the same facilities and serving in the army with you? Well people in the good ol' days did (read 1865-1964 with passage of the Civil Rights Act of 1964) exactly that. What will eventually become a standard is that access that I pay for that is being given out to the public will happen no strings attatched and such. You say spam is a problem? Well then why don't we use all the new fangled technology and create better networks to handle trafic in a free society. I I have millions of dollars to spend I ceternally am not hurting for profit or resources.
Re:My opinion on all of this (Score:2)
the Path: header which allows ISPs to accept normal cancels but not accept UDP cancels, or only accept certain UDP cancels (if there is more than one UDP under way
simultaneously). A normal spam cancel can be aliased out by pathhost aliasing the "!cyberspam" psuedo-site. In addition, there are psuedo-sites for Make Money Fast chain letter
cancels ("!mmfcancel"), UDPs ("!udpcancel"), and for each individual UDP that might be in progress (![sitename]udp"). An ISP can choose to honor or ignore any or all of these if it
so desires.
So then give me an example of a news server which did or does not follow the UDP? Can you even think of or list one? It's just like the reason everyone uses windows because the next guy does it.
Not an overnight fix. (Score:2)
The one solution that might make sense is for @Home to secure their news servers with an authentication method required each time a client wishes to read or post. They can tie this password with the users email password in their database. This should help defeat the proxy spam problem.
Some may argue that it is @Home's responsibility to educate their customers - which I partly agree with. But this process takes time, and is not an easy task.
Take two million computer illiterate households who decided to jump on the internet so they could buy books and cd's for grandma and grandpa for Xmas. Now picture Junior installing wingate or some other proxy software on mom and dad's machine so he could irc from both home and school. Of course, Junior didn't bother to secure the proxy - but that's neither here nor there. Now picture the difficulties involved in the ISP educating this household in what went wrong and how to fix it.
The USENET community should have patience and provide assistance. It's the UDP itself that has forced @Home to take such drastic action as shutting down news access to it's customers who have misconfigured proxies. So maybe folks should think twice before they scream about @Home "blaming" it's users. The last thing any company wants is bad customer service. The UDP forced the issue, and forced @Home to take this stance.
Don't get me wrong, I'm sure @Home could have been more responsive in the past... but keep in mind that the USENET community at large probably would not be privvy to @Home's behind the scenes activity; Nor would they be intimately aware with the number of emails or phone calls the @Home abuse department has made to their customers to correct misconfigured proxies.
The bottom line (IMO) is that USENET has given @Home an ultimatum, and @Home is responding. But this is not the sort of problem that @Home can fix overnight. The nature of their service and the shared network topology inherent in the cable network design create some unique security hassles. Everyone should do their best to understand the nature of the work required before they blast @Home for being unresponsive or for just not caring.
Lonnie
Yes, you missed something. (Score:2)
What is the network made of? Think about that for a moment. It's not made of T1 and T3 and other cables and routers...because by themselves, those wouldn't have any information flowing through them.
Soylent Green is made of peop--er, ahem, the network is made of computers. And each computer in that network is owned by someone. Be it a university, a corporation, a single person...all these count as individuals in the eyes of the law.
Just as a whole bunch of people who own a club may decide, collectively, that they don't want some other person in it, the whole bunch of people who own the network's computers may decide that they don't want some other person's computer using it. That's perfectly legal. As has been explained to you over and over and over and over. But you don't seem to get it, and will continue not to get it.
Oh well...at least you're providing a good reason for dozens of informed people to post their explanations so that those who are merely ignorant of the facts instead of stubbornly wrong-headed can make up their minds...
Spreading misinformation (Score:2)
1) You are not an @Home customer, you are a roadrunner customer.
2) Scans on ports 8000 and 8080 have jack squat to do with news proxies.
3) 2 proxies (and again your statistics are meaningless wrt news proxies) per 1024 addresses is PLENTY for them to be abused by non roadrunner customers (see point 1 for why this has nothing to do with @home customers). If roadrunner has 100,000 customers, that's almost 200 potential sites through which spam can be sent. And I believe @Home is much bigger than roadrunner.
Re:WTF? (Score:2)
@Home says they're going to enforce their AUP, and your friends complain because they're currently violating it by running Linux boxen? Didn't they read the AUP before signing up? @Home is very clear that servers of all kinds (file, print, telnet, you name it) are no-nos. Don't like it? Don't sign with @Home.
And yes, we walk the walk. We paid for the wiring all the way from the curb to the server and then they changed the AUP. Still on 56k.
Re:Still missing the point... (Score:2)
You are paying for the right to access and post to your ISP's news server. Nowhere does your contract say that it will be guaranteed to propagate to the rest of the net. That is where the UDP comes into play.
Re:My opinion on all of this (Score:2)
"pull" system where you as a reader can actually choose which newsgroups and which posts to read. Think about NNTP of something like the forums here on
rather read them online or have all posts in your mail folder? Didn't think so
If I could use an offline modeling system to get them, organize them, and use them in any way possible them yes. As it is now I miss out on all the really interesting stuff because I just happen to be away from a dedicated t-1 (that is constantly denied the the average citizen) and cannot see what others have posted or respond to it. I have more access to e-mail or perhaps an offline modeling system than access to some random IP based service. If someone would just make sure that everyone had equal access we wouldn't have the lawsuits from the ADA about equal unfettered access to various services.
"No Servers" rule is for residential only (Score:2)
When you get business service, you can have servers, choose from many different levels of bandwidth limitation, have multiple static IP's (paying extra for each of these things, of course, after paying way more than residential users to start with).
Hang on a cotton pickin' second (Score:5)
Woah. Woah there. Slow down just a second.
Right. Burn 'em at the stake? Let's see why again?
They didn't say they did. They said they will.
Right, I just don't get this. Do you know how long a scan takes? I'm not talking a script kiddie's nmap for open ports. I mean systematically probing an entire network for a stated behaviour with a sufficient timeout that you won't miss really slow servers (like, oh, say, ones that are already pumping piles of spam). They announced they'd start this as of today. Clue: it's not done yet.
And what do ports 8000 and 8080 have to do with this anyway? Are you talking about web proxies? They're a problem, sure, but tell me again how scanning for web proxies will get @Home out of the UDP? Can you even tell if @Home is scanning you on the NNTP port?
Heh. Gotta love the way you admit breaking your own ISP's rules on a public forum. And there are ways to judge relative security of an ISP. "I've run lots of scans and not been busted yet" is not one of them.
Signal 11, and everyone else, stop jumping on people when they admit they have a problem. This is good. @Home are doing the right thing when they admit this. It is the vital first step without which no further action can be taken. I know it's tempting to scream and roar at someone because they're evil, or because they snubbed you in the past. But these same people that are evil or snubbed you are the ones that we most need to take this step.
Please. If you think you can challenge @Home's statement, forward your evidence to the UDP people so they can consider it properly (clue: slashdot is not the best place to do this). But every time I see someone taking that first step and being met with ill-informed cries to burn, let 'em burn, I have to ask myself if I can actually ask the next guy to take it in good faith. I'm rapidly coming to the conclusion that I can't.
Dave
--
Re:Still missing the point... (Score:2)
My friend, you seem to be terribly confused. You pay an ISP to have the right to call it, and exchange unmusical noises with it modems, and maybe transfer information. That is what you pay for. If the ISP suddenly turns off all of its modems, you can sue it.
You don't pay to access the USENET: for one reason, the USENET does not really exist. What exist is a bunch of systems that share naming conventions and occasionally agree to carry each others traffic (and not all of it). Of course, if your ISP was unwise enough to write in the contract you agreed upon that you will have access to USENET (for some definition of USENET, mark you), then you can sue the ISP.
I would say that this would be descrimination same as if for some reason every time I tried to post to slashdot malda decided that no matter what nic I got every post
[snipia]
was not allowed to post to slashdot.
Yes, but it would be perfectly within slashdot rights to discriminate against your posts. ...
As for you "legal entitlement" to using the net in all its forms, I wonder where you heard about it. Is it in your Bill of Rights ? Or in a previously unknown amendment ?Let me make it clear: Slashdot is not a right. The USENET is not a right. IRC is not a right. Photo Net is not a right. They are privileges and favours: as such, they can go away at any time. Just get yourself banned from a MUD/MOO/chat and try to sue
Free Speech is being infringed when you have limited resources (not everybody can have his own newspapers, and for every town there is at most one Speaker's Corner) - but on the Internet anybody can build its own web site.
I really hate it when people build something with their work and patience and time, and then a random guy shows up and says: I have a right to this.
Re:Not an overnight fix. (Score:5)
The wonderful thing about the UDP is precisely that it forces the spam issue regardless of the ISP's internal issues. The UDP folks look (rightly, imo) at ISPs as basically black boxes which either generate/perpetuate spam or do not, and act accordingly.
Look at it from another angle: Joe Ethical Admin has been bugging Sandy Clueless Manager for weeks or months about this, but gotten no real mandate to put fixes in because of low priority. UDP drives that priority up, and actually _helps_ Joe do the right thing!
As long as UDP remains ethical and fair in the 'prelude' phase (documented, adequate time to repent, adequate technical assistance) I have no problem with it, or with the pain it causes target ISPs. Sometimes you need to feel pain to know something needs fixing.
The bottom line (IMO) is that USENET has given @Home an ultimatum, and @Home is responding. But this is not the sort of problem that @Home can fix overnight.
Well, if they are responding adequately, I'm sure the UDP will be suspended or lifted. Check up on the history of the UDP: the 'judges' are pretty forgiving of truly repentant offenders.
The nature of their service and the shared network topology inherent in the cable network design create some unique security hassles. Everyone should do their best to understand the nature of the work required before they blast @Home for being unresponsive or for just not caring.
If they didn't think of abuse issues ahead of time during the design phase, they deserve what they get! It's not like IP networking hasn't existed for 20+ years.. There's solutions to this, which quite honestly should have been documented and applied at the time of the network rollout. And if the technically correct behavior is being stifled by non-technical considerations, it's things like UDP and MAPS that help force technical concerns up higher in the list, and that's nothing but a good thing.
Your Working Boy,
Re:Hypocrites (Score:2)
Yeah, but they broke the rules when they posted it (Score:5)
However, let's look at how it was posted. First, it was crossposted to the news.admin hierarchy. This is a no-no. They want you posting to the newsgroup that it is appropriate to. But let's overlook that transgression. It might have been an oversight on Mr. Jackson's part.
But he also forged the approval headers for the moderated newsgroups that he posted to. And that is a big no-no. Especially when you're pleading for your network's life. And it requires premeditation. You don't forge the headers by accident.
And not only that, but he has now attempted this three times. The first time it was canceled by someone who I assume is one of the moderators with the message "No forged headers on my watch". Then Mr. Jackson posted it again. It was cancelled again with the message "No, kids, you don't get it. No forge-approvals. No crossposting in NANAP." Now it has been posted a third time.
So how serious can @Home be if they have commited multiple acts of net abuse all on their own in responding to the action being taken against them for their customers' net abuse?
-Todd
---
Re:If the UDP went through (correct me if I'm wron (Score:2)
True.
"All USENET traffic originating OUTSIDE of home.com would still pass through to @Home's NNTP servers, articles being available for @Home users to read."
Yep.
"@Home users could still post USENET articles, which would reside on @Home's servers (though not make it outside), and @Home users could still read other @Home user postings."
Yep.
The basic premise here is that the UDP keeps posts from @Home from propogating (sp?) to sites participating in the UDP. @Home users can still download posts as usual, it's just that when they post, nobody's really going to see them. But they can still see everything else, and yes, even the spam
Re:@Home will prob ban static IPs. Thanks guys! No (Score:2)
They already do on at least two counts. You can't run servers of any kind (e.g., shared printers on your LAN) and you have to use their Special Modified Version of Infernal Exploder to access account info. Most @Home systems also don't use static IP.
Re:There IS a danger to the UDP (Score:2)
It is illegal to prevent free speech over publicly funded mediums. The internet is a tool for everyone.
On the other side, usenet servers along with web servers, ftp servers, irc servers and the like are the sole property of the organization that makes them available on the internet. Content that flows across these private systems and networks is within the sole judgement of the operators of that service and they can, for any reason, terminate,cancel,or dispense with materials they deem unfit.
This may not be a blow in the favor of free speech, but is the law and is logically founded.
In the future I see similar issues with email, web traffic, and things like irc. People believe that email is a right and a service, but dont realize that at the drop of a hat, it can be taken away.
The government is not in control here..
If you dont like your isps censoring practices, then you sare free to switch isp's. There will always be those of us who despite out viewpoints will always defend the rights of others to have viewpoints. no matter ow dispicable they might be.
Last Warrior
Re:Burn them at the stake. (Score:2)
The @Home AUP [home.com]
Pay particular attention to the all-inclusive ban on "servers," broadly defined.
Re:Yes, you missed something. (Score:2)
computers may decide that they don't want some other person's computer using it. That's perfectly legal. As has been explained to you over and over and over and over. But you
don't seem to get it, and will continue not to get it.
About the club concept I have similar reactions and say that (from the mind of Homer Simpson) that I am ashamed of this "crappy club for jerks". If I own a resteraunt can I just deny a certain class of people let's just say anyone I want from comming in? Perhaps anyone who has red on that day cannot in any way enter my establishment because I hate red. Is this fair. The federal government says no (not necessarily the states but they are funny anyway any not too concerned about collevtive rights or freedoms merely about money). I may not get it because I do not agree. If I provide a public service I cannot exclude on a certain class of people. Every case must be handled on a case, by case basis. When you get into networks of computers or networks of people you have to objectively look at each case and decide for yourself. Such blanket rulings have been completely repealed in regards to laws why not about another equally bad problem of access? Will you just start an ISP called "KKKISSp" where only members of the clan can join? They tried this type of thing at the Citadel and it didn't fly because it was ruled that even though it was manely a private school it had to let someone in. They violated rules that are there to keep things in a fair playing field. God do you really think if it we just trivially easy to set up an equal service that the UDP would mean anything. By logic we can see that the barrier to entry (like almost every single network app in the universe) has been raised to prevent the "rabble" from getting in.
Oh well...at least you're providing a good reason for dozens of informed people to post their explanations so that those who are merely ignorant of the facts instead of stubbornly
wrong-headed can make up their minds...
How about talking to some of the @home customers who were effected by the UDP maybe if they actually rely on the internet and usenet in particlar they would not see eye to eye with you or anyone who wants to make the internet the next experiment in some utopian plan. Utopias have constantly failed throughout history. Now I see the internet in it's true light for what it is. It's not a utopia but a group of little grubby extreme capitalist scrooges who just want to create an extension of the "gentleman's club" to new and frightening extreme. You my friends have created 1984. You can think of me as a fool and an idiot. You can even moderate each and every single post and reduce my karma to -100 I still feel that I have a valid point about how we stricture public resources and how we should interact with people who are not to our liking. If you want a new internet then create one. If you want a new slashdot then create one. If you want to create that gentleman's club and invite all your rich little friends to play then fine but just don't tout it as the be all and the end all of communications. Get all the major fortune 500 companies on it and then get everyone and their mother to be there too (need a big hall to get all those in). Then you leave about 10 people standing out in the bleak, dark, cold and assume that you cannot have responsibility for making sure that those people are invited when it becomes a de facto standard. I hope that usenet dies a horrible, screaming, bloody, death, I hope that your news groups get spammed silly and that you keep instituting various measures that are designed to 'help' matters in various ways. That will only kill the open nature of the forum and make it useless and a waste of time (like it's not already). Do I care? Well I like to have things open so that anyone can actually join and participate but when the next emergent Stalin comes down the pike I can't just let it live.
Public Access USENET (Score:2)
Yahoo also has a listing of public-access USENET sites [yahoo.com]. Sadly, spammers being who and what they are, most public-access sites that allow posting soon become abused right out of existence.
For those willing to pay a bit of extra money, there is also Yahoo's commercial news server category [yahoo.com].
There are always choices for USENET service. Even if you already pay your ISP for its USENET, additional access elsewhere isn't really all that expensive. These are also viable options for people who use free dialin services like AltaVista [altavista.com] or Blue Light [bluelight.com] that don't provide anything beyond bare-bones dialup access.
REJECT, not DENY (offtopic) (Score:2)
Hi, just MHO, but I think you get more mileage out of REJECT than DENY... my home machine uses DENY for pings, and REJECT for portscans.. it's a little bit more traffic, but it can fool scanners into thinking that you're not firewalled
what does it matter? well, deception... I'd rather keep 'em guessing than let them KNOW that some ports are filtered.. because (after all), if you're filtering ports, it must be because you have something to protect, right? With NMAP, a portscan reveals ports that are open, and ports that are filtered.. but ports with nothing running at all are ignored... REJECT spoofs this behavior..
Oh, and I DENY pings because it frequently stops address-scans dead (no machine responds at that address, so they don't bother to portscan it later..).. again all part of the "keep-'em-guessing" defense..
Again, this is just IMHO...
Clueless or a troll - the great question (Score:2)
Actually, on second thought, the last thing we need is another idiot on USENET:
Forget I said anything at all about USENET being easy to access in a number of different ways. It's really very hard and confusing, far too complicated for anyone to want to use it. No fun at all. Stick to AOL - you'll fit right in there.
Corrections (please moderate this UP) (Score:2)
Slashdot does not have the ability to cancel posts, so please moderate this up so people can be made aware that this post contains several factual errors. I appologize.
~ Signal 11
Re:Burn them at the stake. (Score:3)
If I remember correctly, windows file shares by default run over netbios, which is not routeable unless there is a master browser configured to do the deed
You're correct that the windows fileshares use NetBIOS, but NetBIOS over TCP/IP is very much routable, because TCP/IP is routable.
I think you're confusing it with NetBEUI, which is another transport protocol (same/similar level as TCP/IP), which is not routable. (This is Windows' preffered transport protocol.)
Windows LAN's exchange name information via UDP broadcasts, which are (usually) not routable (although this has nothing to do with NetBIOS.)
Shares should still be accessable if accessed in a \\ip.address.here fashion, but shares wouldn't normally get past a router.
Yes, it would - in fact, this is exactly how scour.net works - it indexes NetBIOS shares across the internet, so that you can set up a publicly accessible directory share for people to download media files.
Hope this clears some things up for you..
Re:There IS a danger to the UDP (Score:2)
In cases like the hypothetical one above, civil rights legislation has a real and legitimate role to play. "
Unfortunately such legislation would be hard to enforce. Effective legislation would require international aggreements. The legal definition of free speech in the US differs from elsewhere in world - attempting to change it in anyway to put in line with an international agreement might be one hardest things to do in America. If your hypothetical aryan group were outside your country of residence, it is obvious that such legislation could only enforce the blocking of the incoming data. It would be hard to plug all of the holes without measures such as those in Saudia Arabia where the government controls and screens/censors all international internet connections.
I think that this is an issue that we become more pressing in the next few years as the internet seeps into more parts of society around the world. National governments are going to want to impose restrictions so that the internet within their national boundaries meets the local laws. What is socially/legally acceptable in Holland might not be so in France. But the way the internet has grown and is interconnected makes this increasing difficult to "fix".
I think that this is an interesting issue that we will see more of. I'm sure we'll have more heated debates in the not so distant future. The UDP is the most effective method we have available to us.
Pay Attention: USENET IS NOT A PUBLIC RESOURCE! (Score:2)
Re:Yes, you missed something. (Score:3)
First off, your rights to read or even post to Usenet have not been abridged. What has been done is that the other Usenet server admins have chosen to ignore anything coming from your domain. You can still post stuff, but only @Home and those not participating in the VOLUNTARY boycott will see it.
Secondly, this is not a case of elitism or bias. The UDP is a response to repeated abuses coming from a source. The abuses were reported and action on them was requested. Because @Home did not take appropriate action to stop the spam after multiple requests, the UDP was threatened. To borrow your "club" analogy, this is similar to the patrons asking someone to tone down their behavior when their being a twit. If the person insists on acting out, the club staff have the right to toss him out on his ear.
Thirdly, realize this. A UDP is put into place because a particular ISP refused to respond to complaints. It is in no way a slight against you or any other users (unless of course you're one of the spammers). The question you should be asking yourself is "what did @Home do to deserve this", for they did do SOMETHING. UDP's aren't given out lightly. They are usually because the ISP was apathetic to complaints...something you might want to keep in mind when subscribing or resubscribing to them.
In closing, the biggest flaw in your last argument is you assume being on the Internet is a right. It is not. It is a privilege. Abuse the privilege, and it can be taken away...just like a driver's license. @Home abused their privilege to be a part of Usenet, and they were punished for it. If you personally abuse your Net privilege, you think @Home won't hesitate to wipe your account? It's simple logic, but too many people think they're entitled to things they are not. Trust me, it's easy to ged rid of a disruptive influence and back it up in court.
You have the right to be heard, but not be an arse. Others have the right to choose to listen or not.
Re:A UDP is Wrong (Score:2)
If somethings unethical, it's unethical. It's that simple. It has nothing to do with morality, it has to do with ethics.
Re:My opinion on all of this (Score:2)
Would it get you a little upset if another server was run by Bill Gates himself and all linux groups were banned?
There is such a beast (or at least was)... Its called news.microsoft.com, and at least for a while it only carried microsoft.* news groups... and didn't propigate them anywhere.
Was I annoyed that I couldn't get ABPE there? No. Would I have been annoyed if the admin had cancelled every last post with the word Linux in it? N.. Ok maybe, but it was THEIR server. And if I didn't like it, I could go elsewhere.
Quite often, if I post in alt.games.whitewolf, that post will show up in some of the newsservers I check, but not others. Most likely its just an artifact of the feed process, but who knows, perhaps somewhere along the line, I annoyed a news admin at a central feed and he's blacklisted me. Do I lose sleep over this? No.
USENET is, and has been since 1990 when I started messing with it, one of those things that is something of a crapshoot. Expecting some sort of guaranteed carry by every news server "on it" is just plain ridiculous.
Tim Gaastra
Re:My opinion on all of this (Score:2)
way too high, but what is it really?
I apologize -- it's "only" 90 gigabytes a day. News statistics [remarq.com]
Re:There IS a danger to the UDP (Score:2)
A) First amendment applies to government, not private citizens administrating NNTP servers, or the companies the own NNTP servers.
B) Anyone can choose to carry or not carry any group or message they want to don't want to.
Whats the issue?
Re:My opinion on all of this (Score:2)
What? Dedicated T1 lines are denied to the average citizen? I didn't realize that. On what basis are they denied? Perhaps you can't get a T1 line in residential areas? No, that's not it...
-BrentWhat arrogance on @home's part. (Score:2)
Lets do a brief recount of the events...
1. @home creates an environment ripe for spam, which people take advantage of. Admins do nothing.
2. Usenet admins contact @home about fixing the problem, @home does nothing.
3. Usenet admins finally get sick and tired of waiting, and call for a UDP.
4. @home finally responds, by effectively spamming a meaningless PR reply.
Gee, I guess they are really apologetic eh? Their egos must be absolutely huge over there to think that they can get away with this.
I can see it now...
*The scene is a large tower, where the President of @home is sitting in a throne laughing and counting money. Someone comes in and tells him about the UDP*
Pres: Those worms dare to challenge me!? HA!! HAHAHAHAHA!
I hope the Usenet admins bash @home into the ground with this UDP until they actually admit to their problems, fix them, *AND* Apologize for forging the moderation information to get their post put up three times. Anything less is unacceptable at this point, they've crossed a line.
Re:Nonsense, @Home (Score:2)
I've got one word for you: Crossposting. If you can hit 10-20 newsgroups with one 5k post of text, do that 1000 times- you've just posted to 10,000 newsgroups with about 5 meg of upload traffic. At 128k, that doesn't take _that_ long. Besides, they probably do it at 3am when the cable modem user is asleep anyways.
#2 Every one of those systems is already being used by a human being (scratch that - several human beings; we are talking about a proxy here), who are going to complain to @Home, at which point they would have put a stop to the spamming.
Uh,hello? if they set up the proxy incorrectly that probably means they're not exactly the most clue-ful internet users. All they know is that their service is slowing down- and based on previous posts, @home doesn't give a rat's ass about slow service.
Re:There IS a danger to the UDP (Score:2)
Consider a group basically everyone despises: white supremacists. If an ISP were to rise up, comprised entirely of Aryan Nation skinheads, and if their thousands of clients were to post every day their noxious personal opinions all over the web, there is a smal but real possibility that some news admins would call for a UDP against the service. There is also the possibility that this UDP would go into effect, although no actual crime or harm had been committed, and the silenced participants were exercising their constitutional rights to free speech.
There has never been a UDP invoked against any ISP for any action except abusive amounts of unsolicited commercial postings. Never. Nor will there ever be. If you think that could happen, you really don't understand the people who run Usenet at all.
Re:What are you talking about??? (Score:2)
Yes, but so does your's :)
The UDP is the same thing as if legal action was taken against your HOUSE because you had raw sewage spilling out onto the streets. It is now up to the owners of the house to correct the problem, fix the sewage leak, and then have the legal action stopped.No, it's more like the whole neighborhood was quarentined because your neighbor was pouring raw sewage into the street. You could get out, but couldn't have friends over, mail couldn't be delived, shipments of new PC's couldn't be received.
Actually, a better analogy would be that the UDP is like quarentining off a whole apartment complex because one of the tenants was dumping raw sewage out in the back and comtaminating the cities water, but the apartment manager was refusing to do anything about the situation.
Yes, it's not your fault, and you're suffering to, but the person responsible, isn't responsible, and it's not only affecting you, whether you admit it or not, but a whole other group of people. So the city shuts off your water, and you move out if you have to, unless the apartment manager deals with it.
-BrentRe:@Home will prob ban static IPs. Thanks guys! No (Score:2)
Maybe.
you only need the @home pluggin to access your user information.
IOW, you do have to be using "approved" software. Or is this plugin available for Linux?
The server issue varies by agreements(AUP) with the local cable operator.
Not according to the @Home AUP [home.com]
Just what we need... (Score:2)
Re:My opinion on all of this (Score:2)
Re:My opinion on all of this (Score:2)
Re:There IS a danger to the UDP (Score:3)
Essentially, the counterargument is that the individual servers are owned privately and thus nobody has the right to speak using those private resources.
However, that is precisely my point. On the Internet, there is not much in the way of public property. Imagine a physical world in which there were no public sidewalks, squares or roads. Free speech could effectively be killed by the private owners of territory forbidding speech on their grounds. That is the danger I was trying to illustrate - a future world too completly balkanized, to the utter exclusion of publicly owned, centrally overseen venues for unpopular speech.
-konstant
Yes! We are all individuals! I'm not!
And they are (Score:4)
For those not in the know port 119 is NNTP, which presumably is what caused them to get UDPd in the first place. Thehe.. they won't find my 7 ipmasqed computers, of these me & my friends ipchains are sure. BTW anyone know how to defend against the TCP stack OS identification "DOS" (for lack of a better word)? To be honest, I don't even want to hear them bitching about Linux or anything else.
--
@Home has made this bed. (Score:2)
My solution? I have my own firewall. It automagically blocks any hosts that probe it, I've audited it, I've nmapped it, and I've even attacked with with script kiddie tools (and had script kiddies attack it from a few IPs, which have since been ipchains blocked).
What will happen? Since I run a webserver (homepage), mail server (@Home servers are spammed like nuts), DNS server (my hostname), FTP server (my files), SSH server (secure remote admin from anywhere), and occasionally host Quake games (not recently, though) and Icecast (mainly for LAN tunes), they'll probably throw the book at me. People like me are going to get hurt. People who run Winproxies are going to get a stern talking to, but they'll likely get off scott free.
Why? Because they're closer to the AUP (the never enforced AUP). All the people inside @Home I've talked to have always said that they only enforce the AUP when they see gigs/day transfers (huge warez/porn/spammers, basically). I'm just a side victim, running the illegal servers.
---
Re:Burn them at the stake. (Score:3)
Now my Linux box with full IPChains is up, and I had to turn off the logging, since there were so many scans and my box was using 98% CPU for syslogd (75MB log after only a couple hours). Not Good... I like the comment about using RJECT instead of DENY, though
But I like alt.sex.* (Score:2)
---